tlias管理系统--登录校验--使用过滤器Filter实现登录校验功能
This commit is contained in:
@@ -4,7 +4,9 @@ import javax.servlet.*;
|
||||
import javax.servlet.annotation.WebFilter;
|
||||
import java.io.IOException;
|
||||
|
||||
@WebFilter(urlPatterns = "/*")
|
||||
//@WebFilter(urlPatterns = "/*")
|
||||
//@WebFilter(urlPatterns = "/login")
|
||||
//@WebFilter(urlPatterns = "/emps/*")
|
||||
public class DemoFilter implements Filter {
|
||||
@Override
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
@@ -15,8 +17,10 @@ public class DemoFilter implements Filter {
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||
System.out.println("doFilter,过滤器的拦截方法执行了");
|
||||
System.out.println("DemoFilter---放行前的逻辑");
|
||||
//放行
|
||||
filterChain.doFilter(request,response);
|
||||
System.out.println("DemoFilter---放行后的逻辑");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -0,0 +1,67 @@
|
||||
package com.inmind.filter;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.inmind.pojo.Result;
|
||||
import com.inmind.utils.JwtUtils;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.springframework.util.StringUtils;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.annotation.WebFilter;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
|
||||
@WebFilter(urlPatterns = "/*")//登录校验过滤器,拦截所有的资源请求
|
||||
@Slf4j
|
||||
public class LoginCheckFilter implements Filter {
|
||||
@Override
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
|
||||
//1.获取请求url(之前都是通过HttpServletRequest获取请求)
|
||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
String url = request.getRequestURI();//http://localhost:8080/login或者http://localhost:8080/emps
|
||||
log.info("请求url:"+url);
|
||||
//2.判断请求url中是否有login,如果包含那就是登录接口,直接放行
|
||||
if (url.contains("login")) {
|
||||
log.info("当前是登录请求,直接放行");
|
||||
filterChain.doFilter(servletRequest,servletResponse);
|
||||
return;//放行后会回到当前代码中,所以要直接提前结束方法功能,否则下面的业务逻辑还会执行
|
||||
}
|
||||
//3.如果不是登录操作,获取请求头中的令牌
|
||||
String jwt = request.getHeader("token");
|
||||
|
||||
//4.判断令牌是否存在
|
||||
if (!StringUtils.hasLength(jwt)) {
|
||||
log.info("令牌不存在,直接响应未登录状态");
|
||||
// 未登录的响应实现
|
||||
notLogin(response);
|
||||
return;
|
||||
}
|
||||
|
||||
//5.判断令牌的合法性,如果不合法则,响应未登录状态
|
||||
try {
|
||||
JwtUtils.parseJWT(jwt);
|
||||
} catch (Exception e) {
|
||||
//未登录的响应实现
|
||||
notLogin(response);
|
||||
return;
|
||||
}
|
||||
|
||||
//放行
|
||||
filterChain.doFilter(servletRequest,servletResponse);
|
||||
return;
|
||||
}
|
||||
|
||||
private void notLogin(HttpServletResponse response) throws IOException {
|
||||
//根据接口文档响应json,之前通过spring的控制器的@ResponseBody注解自动转换为json返回
|
||||
//但是当前不是控制器,所以我们要手动封装json数据响应
|
||||
Result error = Result.error("NOT_LOGIN");
|
||||
//手动将java对象转为json字符串----阿里巴巴fastJson
|
||||
String notLoginJson = JSONObject.toJSONString(error);
|
||||
//响应数据通过响应对象,直接返回给浏览器(客户端)
|
||||
response.getWriter().write(notLoginJson);
|
||||
return;
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,16 @@
|
||||
package com.inmind.filter;
|
||||
|
||||
import javax.servlet.*;
|
||||
import javax.servlet.annotation.WebFilter;
|
||||
import java.io.IOException;
|
||||
|
||||
//@WebFilter(urlPatterns = "/*")
|
||||
public class XbcFilter implements Filter {
|
||||
@Override
|
||||
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
|
||||
System.out.println("XbcFilter -- 放行前的逻辑");
|
||||
//放行
|
||||
filterChain.doFilter(request,response);
|
||||
System.out.println("XbcFilter --- 放行后的逻辑");
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user